Linux Foundation LFCS: James Medeiros

I spent my formative years glued to the CRT screen of my 486. In 1997 I was 12 years old and had discovered the local, text-only FreeNet -- my portal to the world's collective knowledge via 2400 baud modem. I quickly became familiar with the Lynx browser and eventually found the Schoolnet MOO (an object-oriented MUD which is still running today) where I made fast friends and began to explore basic coding in the environment. In high school, I was fortunate enough to have a fabulous teacher who gave us free time to experiment with installing our choice of operating systems on machines with swappable hard drives. My first Linux distribution was Mandriva (Mandrake at the time), but I've only recently made the switch to Linux as my primary OS.

More in Tux Machines

Mozilla, Firefox and ChromeOS/Chrome

From the onset, our vision for Common Voice has been to build the world’s most diverse voice dataset, optimized for building voice technologies. We also made a promise of openness: we would make the high quality, transcribed voice data that was collected publicly available to startups, researchers, and anyone interested in voice-enabled technologies.
Today, we’re excited to share our first multi-language dataset with 18 languages represented, including English, French, German and Mandarin Chinese (Traditional), but also for example Welsh and Kabyle. Altogether, the new dataset includes approximately 1,400 hours of voice clips from more than 42,000 people.
With this release, the continuously growing Common Voice dataset is now the largest ever of its kind, with tens of thousands of people contributing their voices and original written sentences to the public domain (CC0). Moving forward, the full dataset will be available for download on the Common Voice site.

The Attention War. There have been many headlines related to it in the past decade. This is the idea that apps and companies are stealing attention. It’s the idea that technologists throw up ads on websites in a feeble attempt to get the attention of the people who visit the website.
In tech, or any industry really, people often say something to the effect of, “well if the person using this product or service only read the instructions, or clicked on the message, or read our email, they’d understand and wouldn’t have any problems”. We need people’s attention to provide a product experience or service. We’re all in the “attention war”, product designers and users alike.
And what’s a sure-fire way to grab someone’s attention? Interruptions. Regardless if they’re good, bad, or neutral. Interruptions are not necessarily a “bad” thing, they can also lead to good behavior, actions, or knowledge.

Google has just released an update for Chrome 73, the major update of the browser that was shipped to all supported platforms earlier this month.
Now at version 73.0.3683.86, Google Chrome comes with under-the-hood improvements on Windows, Linux, and macOS, and you can download it using the links here.

We don't have many details on exactly how Google's new search and browser picker will work; there's just a single paragraph in the company's blog post. Google says it will "do more to ensure that Android phone owners know about the wide choice of browsers and search engines available to download to their phones. This will involve asking users of existing and new Android devices in Europe which browser and search apps they would like to use."

The European Commission has hit search giant Google with a third fine, related to abuse of its AdSense advertising service, and told the company to fork out €1.49 billion (A$2.38 billion) for breaching EU anti-trust rules.

Google and the EU's European Commission are making all sorts of announcements lately. Fresh off the revelation that Google would implement a browser and search-engine picker in EU-sold Android devices, Google's advertising division is getting slapped with a fine next, to the tune of €1.5 billion ($1.69 billion). The European Commission's latest antitrust ruling says that Google's bundling of its advertising platform with its custom search engine program is anti-competitive toward other ad providers.

Programming: Learning, Java Development Kit 12, and Python Bits

Learn how to write a program:
You cannot make anything new in the computer world without programming skills. You can create windows, apps, websites, a desktop application using programming languages. Some programming languages that you can learn in your beginning level of becoming tech-savvy is Java, C, C++, Html, CSS, JAVASCRIPT, PHP, PYTHON. You can enhance your programming skills by sitting home by taking online tutorials.
Use a Linux or Unix Operating System:
If you want to be a tech- savvy I recommend using Unix operating system because a techy person mostly uses the Unix operating system in the world. Unix operating system is open source anyone can use it, and you can view its code too. So, it will help in enhancing your programming skills and learning about technical skills.

The production release of Java Development Kit 12, based on Java SE (Standard Edition) 12, is now available. JDK 12 builds are available from Oracle for Linux, Windows, and MacOS.
[...]
Open source builds are provided under the GNU General Public License v2, with Classpath Exception. Commercial builds of JDK 12 from Oracle can be found on the Oracle Technology network under a non-open source license.

A proposal to add a new dictionary operator for Python has spawned a PEP and two large threads on the python-ideas mailing list. To a certain extent, it is starting to look a bit like the "PEP 572 mess"; there are plenty of opinions on whether the feature should be implemented and how it should be spelled, for example. As yet, there has been no formal decision made on how the new steering council will be handling PEP pronouncements, though a review of open PEPs is the council's "highest priority". This PEP will presumably be added into the process; it is likely too late to be included in Python 3.8 even if it were accepted soon, so there is plenty of time to figure it all out before 3.9 is released sometime in 2021.

Debugging and profiling play an important role in Python development. The debugger helps programmers to analyze the complete code. The debugger sets the breakpoints whereas the profilers run our code and give us the details of the execution time. The profilers will identify the bottlenecks in your programs. In this tutorial, we’ll learn about the pdb Python debugger, cProfile module, and timeit module to time the execution of Python code.
This tutorial is an excerpt from a book written by Ganesh Sanjiv Naik titled Mastering Python Scripting for System Administrators. This book will show you how to leverage Python for tasks ranging from text processing, network administration, building GUI, web-scraping as well as database administration including data analytics & reporting.

Security: AccessEnforcer, Windows Ransomware Does Major Damage, Spammers Send Junk Mail to Thousands of Printers, Google Cleanup and More

AccessEnforcer Version 4.1 also updates firewall's operating system to OpenBSD 6.3. OpenBSD is one of the most secure operating systems in the world. Version 6.3 provides additional mitigations against the Spectre and Meltdown vulnerabilities and also mitigates against return-oriented programming and other memory corruption attacks.

Spam has been with us since the very first days of email, but a Russian marketing agency recently took things a stage further by sending good old-fashioned paper-based junk mail over the internet.
The company claims to have advertised a graphic design course for its client Skillbox using a software bot that searched for online printers. It printed a one-page promotion on every device it found, directing them to a website boasting about its exploits.
The website for the company's marketing campaign, which I am deliberately not linking to here, explains that "by the 2024", it is "94% likely" that bots will replace accountants, auditors, and financial analysts by the million. Consequently, it says, accountants (or anyone else worried about being replaced by AI) should learn graphic design instead. The stats come from a five-year-old Oxford Martin School report, but that needn't concern us here.
What's more interesting is another statistic: 600,000. That’s how many printers the marketing agency claim to have clogged up with advertising, according to this report from Graham Cluley.
[...]
It wouldn't be the first time that someone had spammed printers online. In December, a hacker calling himself TheHackerGiraffe spammed 50,000 printers promoting popular YouTube celebrity PewDiePie. Other incidents have been much darker. Nazi nerd Andrew Aurenheimer, a.k.a. Weev, sent white supremacist messages to every printer in North America that he could find instead of using Shodan, he used Masscan, which is a mass IP port scanner.

Android looks a little less open now that Google has begun to enforce draconian new rules on accessing a phone's call and text logs.
Developers have been forced to remove features or in some cases change the fundamental nature of the application. One example is BlackBerry's Hub, an email client which also aggregated notifications from a variety of apps and presented them chronologically in a timeline. This application has lost its ability to includes calls and texts in that timeline.
Exceptions created by Google don't seem to be honoured, developers complained. One said that an enterprise archiving app – a category specifically exempt from the clampdown – has been broken.
Another developer, Miroslav Novosvetsky of MobileSoft, rued that he might have to withdraw his Callistics usage monitor app altogether.

A community member opened a bug the other day related to a weird networking behavior in the Cloud VPS service, offered by the Cloud Services team at Wikimedia Foundation. This VPS hosting service is based on Openstack, and we implement the networking bits by means of Neutron.
Our current setup is based on Openstack Mitaka (old, I know) and the networking architecture we use is extensively described in our docs. What is interesting today is our floating IP setup, which Neutron uses by means of the Netfilter NAT engine.
Neutron creates a couple of NAT rules for each floating IP, to implement both SNAT and DNAT. In our setup, if a VM uses a floating IP, then all its traffic to and from The Internet will use this floating IP. In our case, the floating IP range is made of public IPv4 addresses.

Latest News

Server Leftovers

Google on Monday announced that it has made available its Sandboxed API as open source in an effort to make it easier for software developers to create secure products.
It’s not uncommon for applications to be affected by memory corruption or other types of vulnerabilities that can be exploited for remote code execution and other purposes. Using a sandbox ensures that the code responsible for processing user input can only access the resources it needs to, which mitigates the impact of a flaw by containing the exploit to a restricted environment and preventing it from interacting with other software components.
While sandboxing can be highly useful, Google says it’s often not easy to implement. That is why the internet giant has decided to open source its Sandboxed API, which should make it easier to sandbox C and C++ libraries. The company has also open sourced its core sandboxing project, Sandbox2, which can be used on its own to secure Linux processes.

Clouds are growing quickly as IT executives look to find more flexibility and cut costs by adopting cloud and software as a service (SaaS) applications. But most enterprises aren’t getting rid of all their on-premise systems, which means somebody needs to connect those cloud and on-premise systems. One of those “somebodies” is BMC Software.

IBM i professionals who work extensively with files in the IFS will be happy to hear a new software utility has been ported to the IBM i PASE environment that could save them a bunch of time. The open source software, called Midnight Commander, gives developers and administrators a handy command line experience that can help speed up tasks, especially when giving commands to large number of files stored on remote machines.
Midnight Commander was originally developed in 1994 as a file utility for UNIX, which was beginning to emerge from software labs to challenge minicomputer platforms of the day, such as the AS/400, as well as early Windows operating systems. Miguel de Icaza, who’s known for founding the Mono project (among others), is credited with creating Midnight Commander, but over the years development of the product has become a group effort.
The utility, which is distributed via a GNU license from www.midnightcommander.org, was largely modeled off Norton Commander, an MS-DOS utility developed in the 1980s by Norton. But Midnight Commander has evolved into its own thing over the years, and the resemblance to that old Norton product today largely is only in the name.

Top 10 New Linux SBCs to Watch in 2019

A recent Global Market Insights report projects the single board computer market will grow from $600 million in 2018 to $1 billion by 2025. Yet, you don’t need to read a market research report to realize the SBC market is booming. Driven by the trends toward IoT and AI-enabled edge computing, new boards keep rolling off the assembly lines, many of them tailored for highly specific applications.
Much of the action has been in Linux-compatible boards, including the insanely popular Raspberry Pi. The number of different vendors and models has exploded thanks in part to the rise of community-backed, open-spec SBCs.
Here we examine 10 of the most intriguing, Linux-driven SBCs among the many products announced in the last four weeks that bookended the recent Embedded World show in Nuremberg. (There was also some interesting Linux software news at the show.) Two of the SBCs—the Intel Whiskey Lake based UP Xtreme and Nvidia Jetson Nano driven Jetson Nano Dev Kit—were announced only this week.

Fedora: Systemd, AskFedora, Varnish

Merged this morning into the systemd code-base was a big feature addition that's been in the works for the better part of one year by Lennart Poettering and other developers.
Merged into the systemd tree is now the OCI runtime support for nspawn. Systemd's Nspawn, their tool that can be used for starting an OS within a lightweight container, now has support for the OCI run-time specification.